Sony rootkit settlement on the way

Sony is trying to make the embarrassing rootkit scandal disappear in a flash. …

Sony BMG has rushed forth to settle a class action lawsuit brought by Girard Gibs and Kamber & Associates in New York over its embarrassing rootkit scandal. A few months ago it came to light that Sony was using a particularly egregious form of copy protection on CDs that implants hooks into the Windows kernel to make sure you don't use the CD in a manner of which Sony doesn't approve. The so-called rootkit caused a furor online and in the media, and after trying to play it down as par for the course, Sony eventually relented and claimed it would no longer use the DRM in question. That didn't stop the lawsuits, however. A class action lawsuit was filed in California within days of the evidence becoming public, and suits in other regions followed quickly.

The settlement will include a promise by Sony to stop all use of the XCP and MediaMax DRM technologies, which is a given. Then, after paying lawyers' fees (what is a class action for, if not that?), the company will recall all remaining XCP and MediaMax DRM-backed CDs, and then compensate customers who have purchased the ill-begotten discs. Sony has said that it was recalling discs previously, but the company says it is having trouble getting all retailers to comply.

Customers who purchased the poisoned discs will have two options. First, they can cash in on a payment of US$7.50 per CD they purchased (aka, much less than they paid for it), and snag one free album download. Or, if one don't want to bother with cashing a check for $7.50, the cash payment can be cast aside in favor of three free album downloads. In both instances, the offending CDs will be replaced with DRM-free discs, but the album downloads will most likely use a less heinous form of DRM. The company will also be required to provide a safe tool for removing the rootkits.

Perhaps the most interesting aspect of this settlement is the requirement regarding downloadable albums. Sony has the right to limit the albums that are available to a list of 200, but the company cannot force you to use their music store. Instead, Sony must use at least three different venues to distribute content:

Settlement Class Members may download albums from any one of three major download services. SONY BMG will use commercially reasonable efforts to offer Apple Computer, Inc.’s popular iTunes as one of the download services available to Settlement Class Members.

The settlement will not take place until it is approved by the court. Proof of purchase will be required, or proof of a return if a disc was taken back to a retailer after November 14.

Will this be enough to restore Sony's reputation? It depends on who you ask. The general public has probably forgotten about Sony already, but the technology community will remember this for a very, very long time. Let's hope that the public shame of a class action serves as a warning to other companies who are willing to endanger our personal property for no good reason whatsoever.

Ken Fisher / Ken is the founder & Editor-in-Chief of Ars Technica. A veteran of the IT industry and a scholar of antiquity, Ken studies the emergence of intellectual property regimes and their effects on culture and innovation.